package com.xxl.config;

import com.xxl.interceptor.AuthenticationInterceptor;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import javax.annotation.Resource;

/**
 * shiro配置类,需要配置三大对象
 * @author xxl
 * @date 2023/3/12
 */
@Configuration
public class ShiroConfig implements WebMvcConfigurer {
    /**
     * 1：AuthorizingRealm:授权领域
     */
    @Bean
    public UserRealm userRealm() {
        return new UserRealm();
    }

    /**
     * 2：DefaultWebSecurityManager:默认的web安全管理器
     */
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(UserRealm userRealm) {
        return new DefaultWebSecurityManager(userRealm);
    }
    /**
     * 3.2：ShiroFilterChainDefinition  shiro过滤器链定义
     * 添加拦截路径
     */
    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
        System.out.println("shiroFilterChainDefinition被执行了");
        DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
        //definition.addPathDefinition("/","authc");
        //拦截level1,使用perms过滤器语法规则为 perms[xxx]只有携带了此xxx的证明才会让你通过，否则跳转到未授权页面
        definition.addPathDefinition("/view/common.html/level1-1","perms[vip1]");
        return definition;
    }
    @Resource
    public AuthenticationInterceptor authenticationInterceptor;
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        InterceptorRegistration interceptorRegistration = registry.addInterceptor(authenticationInterceptor);
        interceptorRegistration
                .addPathPatterns(
                //拦截所有请求
                "/**"
                ).excludePathPatterns(
                        //不拦截
                        "/view/login.html",
                        //静态资源(固定写法)
                        "/**/*.js",
                        "/**/*.css",
                        "/**/*.png",
                        "/**/*.jpg"
                );
    }
}
